[57] ABSTRACT

The present invention is a portable client PDA with a touch 
screen or other equivalent user interface and having a 
microphone and local central processing unit (CPU) for 
processing voice commands and for processing biometric
data to provide user verification. The PDA also includes a 
memory for storing financial and personal information of the 
user and I/O capability for reading and writing information 
to various cards such as smartcards, magnetic cards, optical 
cards or EAROM cards. The PDA includes a Universal 
Card, which is a common generic smartcard with a unique
imprint provided by a service provider, on which selected 
financial or personal information stored in the PDA can be 
downloaded to perform certain consumer transactions. The 
PDA includes a modem, a serial port and/or a parallel port 
so as to provide direct communication capability with 
peripheral devices (such as POS and ATM terminals) and is 
capable of transmitting or receiving information through 
wireless communications such as radio frequency (RF) and 
infrared (IR) communication. The present invention is pref- 
erably operated in two modes, i.e., a client/server mode and 
a local mode. The client/server mode is periodically per- 
formed to download a temporary digital certificate (which is 
necessary to access selected information stored in the PDA 
and to write such information to the Universal Card) from a 
central server of the service provider of the PDA and 
Universal Card. Next, the local mode of operation is per- 
formed by providing the PDA with biometric data and 
selecting one of the pre-enrolled credit cards that are stored 
in the PDA. Upon biometric verification, the Universal Card 
is written with the selected card information, which is then 
used to initiate a consumer transaction. In the absence of an 
unexpired digital certificate, however, the selected card 
information will not be written to the Universal Card, 
notwithstanding that the user may have passed local bio- 
metric verification. 

20 Claims, 5 Drawing Sheets 




01/08/2004, EAST Version: 1.4.1 



6,016,476 




U.S. Patent    Jan. 18, 2000    Sheet 1 of 5    6,016,476







[FIG. 4 (Sheet 3 of 5): flow diagram of the client/server mode.
Box labels, in order: START; COMMUNICATION ESTABLISHED BETWEEN
CENTRAL SERVER AND USER PDA; USER PROMPTED TO PROVIDE
VERIFICATION DATA; VERIFICATION DATA PROVIDED? (YES/NO);
VERIFICATION DATA PROCESSED BY CENTRAL SERVER; USER VERIFIED?
(YES/NO); USER PROMPTED TO PROVIDE TRANSACTION LIMITATIONS;
REQUESTED TRANSACTION LIMITATIONS PROCESSED; ENCRYPTED DIGITAL
CERTIFICATE DOWNLOADED ONTO USER PDA VIA ESTABLISHED
COMMUNICATION LINK; DIGITAL CERTIFICATE IS NOT DOWNLOADED.
Reference numerals shown: 100, 102, 104, 106, 108, 110, 112, 116.]



[FIG. 5 (Sheet 4 of 5): flow diagram of the local mode.
Box labels, in order: LOCAL MODE START; USER SELECTS CARD;
SELECTED CARD AVAILABLE? (YES/NO); USER PROMPTED TO SELECT
ALTERNATE CARD; PROCESS BIOMETRIC DATA; USER VERIFIED? (YES/NO);
PDA DEVICE PROHIBITED FROM TRANSMITTING INFORMATION; DIGITAL
CERTIFICATE VALID? (YES/NO); INFORMATION WILL NOT BE WRITTEN TO
UNIVERSAL CARD; INFORMATION RETRIEVED AND DECRYPTED; INFORMATION
TRANSMITTED TO TRANSACTION TERMINAL; INFORMATION WRITTEN TO
UNIVERSAL CARD; CARD READ BY TRANSACTION TERMINAL; INFORMATION
SENT TO FINANCIAL INSTITUTION; RECEIPT WRITTEN TO PDA DEVICE;
UNIVERSAL CARD OVERWRITTEN WITH RECEIPT; RECEIPT STORED.
Reference numerals shown: 200, 202, 204, 210, 222, 224, 226, 228, 230.]



[FIG. 6 (Sheet 5 of 5): flow diagram of another local mode.
Box labels, in order: SELECTED CARD AVAILABLE? (YES/NO); USER
PROMPTED TO SELECT ALTERNATE CARD; PROCESS BIOMETRIC DATA; USER
VERIFIED? (YES/NO); DIGITAL CERTIFICATE VALID? (YES/NO);
INFORMATION RETRIEVED AND DECRYPTED; CARD INFORMATION AND
AUTHORIZATION NUMBER DISPLAYED; INFORMATION AND AUTHORIZATION
NUMBER WILL NOT BE DISPLAYED; USER VERIFIED BY AUTHORIZATION AND
CARD NUMBER.
Reference numerals shown: 302, 304, 306, 308, 310, 312, 314, 316, 318.]




PORTABLE INFORMATION AND
TRANSACTION PROCESSING SYSTEM AND
METHOD UTILIZING BIOMETRIC
AUTHORIZATION AND DIGITAL
CERTIFICATE SECURITY

This application is based on a provisional application 
Ser. No. 60/055,418, filed on Aug. 11, 1997.

BACKGROUND OF THE INVENTION 
The present invention relates to a portable information 
and transaction processing system and method and, more 
particularly, to a portable information and transaction pro- 
cessing system and method which utilizes digital certificate 
security and biometric authorization to provide personal
verification prior to processing user requested financial 
transactions and providing personal information. 

It is now widely accepted in the domestic consumer
market that purchasing or selling goods or services with
credit cards at point of sale (POS) terminals, as well as
performing electronic transfer of funds at automated teller
machine (ATM) terminals using ATM cards, is more efficient
than using cash to pay for goods or services or paying debts.
Utilizing cash as a means for purchasing goods or paying
debts is generally viewed as burdensome for several reasons.
First, in terms of accounting, the consumer must manually
generate records and reconcile his or her accounts to keep
track of such cash transactions. By utilizing a credit card
issued by a financial institution, however, consumer
transactions are recorded by such financial institution and
accountings are provided to the consumer on a monthly
basis, which provides improved accounting and reconciliation.

In addition, using cash is a financially insecure method for
protecting consumers against fraud and theft. For example,
if a consumer believes that he or she has been sold an
inferior or over-priced product, which frequently occurs
during quick consumer transactions where the consumer
may not have adequate time to reflect on the purchase until
some time after such purchase, it is much easier for the
consumer to contact the financial institution to stop payment
on goods purchased using a credit card than it is for the user
to recover cash from the merchant from whom such goods
were bought. Moreover, it is virtually impossible for a
consumer to recover cash that has been stolen or lost. On the
other hand, if the consumer's credit cards are stolen or lost,
the consumer can contact the corresponding financial
institution to cancel such cards and obtain new credit card
accounts.

Accordingly, there is a strong trend today in moving
towards a "cashless society," which has caused a substantial
increase in the use of credit cards, ATM cards and direct
debit cards (collectively, "financial cards") for performing
consumer transactions. Notwithstanding the perceived
benefits of using financial cards rather than cash, there exist
several disadvantages in using these cards. For example, if
the consumer frequently uses a significant number of
financial cards, the consumer must physically possess all such
cards in order to access a desired account. Having to carry
such a large number of financial cards can be extremely
burdensome to the consumer since a substantial amount of
space is occupied by these cards in the consumer's wallet or
purse. Moreover, if the wallet or purse is lost or stolen, the
consumer must contact the financial institution for each
financial card to cancel the account so as to prevent an
unauthorized user from transacting business with such cards,
which is also a burdensome task.
Another disadvantage in using financial cards is that
consumers are not fully protected from the unauthorized use 
of lost or stolen cards. For example, a merchant can confirm 
the ownership of a credit card during a consumer transaction 
by comparing the authorized signature that is (or should be) 
written on the back of the credit card with the signature of 
the person signing the credit card receipt. Realistically, 
merchants generally do not compare these signatures during 
such a transaction, and even if they do, they may not 
compare such signatures with the level of scrutiny or skill 
needed to distinguish minor differences between the con- 
sumer's signature and the unauthorized user's forged sig- 
nature. Therefore, during the period of time between the 
time the consumer's credit card is lost or stolen and the time 
the consumer realizes such loss or theft and cancels the 
account, an unauthorized user who has found or stolen the 
card may charge a substantial amount of money to the 
consumer's card, leaving the consumer with the burden of 
having to dispute such unauthorized charges with the finan- 
cial institution. 

SUMMARY OF THE INVENTION 

It is therefore an object of the present invention to provide 
a portable information and transaction processing device 
("personal digital assistant" or "PDA") in which a user can 
store his or her credit card, ATM card and/or debit card (i.e., 
financial) information, as well as personal information, and 
then access and write selected information to a smartcard 
("Universal Card"), which is then used to initiate a POS, 
ATM, or consumer transaction. 

It is another object of the present invention to provide a 
PDA device which utilizes biometric security to provide user 
verification prior to accessing and writing the selected 
financial and personal information to the Universal Card. 

It is yet another object of the present invention to provide 
a PDA device with digital certificate security, whereby the 
user is required to periodically download a temporary digital 
certificate from a central server of the service provider of 
such Universal Card into the PDA device prior to accessing 
and writing the selected financial and personal information 
to the Universal Card. 

It is still another object of the present invention to provide 
a PDA device with digital certificate security which is 
compatible with the current infrastructure (i.e., immediately 
employed without having to change the existing 
infrastructure) and which brings biometric security to elec- 
tronic data transfer systems that are currently unable to 
perform biometric verification. 

It is yet another object of the present invention to provide 
a PDA device with digital certificate security which can be 
extended to all applications or systems wherein magnetic 
and/or smartcards are used such as access control cards for 
accessing a device service or building, cash cards for per- 
forming ATM transactions, calling cards or cellular cards 
(for e.g., GSM (Group Special Mobile) digital cellular 
mobile radio system) for making telephone calls and 
employee cards for accessing confidential information. 

In one aspect of the present invention, a portable infor- 
mation and transaction processing device, comprises: central 
processing unit for controlling the functioning and for 
processing a plurality of operations of the device; memory 
means, operatively coupled to the central processing unit, 
for storing financial and personal information and for storing 
a temporary digital certificate; communication means, 
operatively coupled to the central processing unit, for estab- 
lishing a communication link with a central server at a 
remote location to obtain the temporary digital certificate;
user interface means, operatively coupled to the central
processing means, for initiating at least one of the plurality
of operations of the device and selecting a portion of one of
the financial and personal information from the memory
means; a universal card, detachably coupled to the central
processing unit, for receiving the selected portion of one of
the financial and personal information; and programming
means, operatively coupled to the central processing unit
and responsive to the temporary digital certificate, for
writing the selected portion of one of the stored financial and
personal information to the universal storage card, whereby
the programming means is prevented from writing the
selected portion of one of the financial and personal
information to the universal card when the temporary digital
certificate is invalid.

The present invention is a portable client PDA with a
touch screen or other equivalent user interface, which
includes a microphone and a local central processing unit
(CPU) for processing voice activated commands and for
processing biometric data to provide biometric verification
of a user. The present invention includes a memory for
storing financial and personal information of the user and
I/O capability for writing and reading information to and
from various cards such as smartcards, magnetic cards,
optical cards or EAROM (electrically alterable read-only
memory) cards. The present invention includes a Universal
Card, which is a common generic smartcard with a unique
imprint (i.e., an account number) provided by a service
provider, on which selected financial or personal information
stored in the PDA can be downloaded to perform
various transactions. The PDA preferably includes a modem
and a serial port and/or a parallel port so as to provide direct
communication capability with peripheral devices. The PDA
is also capable of transmitting or receiving information
through wireless communications such as radio frequency
(RF) and infrared (IR) communication.

The present invention is preferably operated in two
modes, i.e., a client/server mode and a local mode. The
client/server mode is periodically performed to download a
temporary digital certificate from a central server of the
service provider of the PDA and Universal Card. The
client/server mode is performed by establishing communication
between the PDA and a central server of the service
provider via modem or wireless communication. Once
communication is established, the central server verifies the user
either biometrically or through PIN or password or a
combination thereof, and then generates a temporary digital
certificate which is downloaded into the PDA. A temporary,
unexpired digital certificate is necessary to access selected
information stored in the PDA and write such information to
the Universal Card.

Next, the local mode of operation of the PDA is
performed to initiate a consumer transaction. Preferably, in the
local mode, the user selects one of the pre-enrolled credit
cards that are stored on the PDA by stating a verbal
command into the microphone of the PDA, whereby the
CPU processes the verbal command and performs user
verification. Alternatively, user verification (i.e., local
verification) may be performed by using either biometric
data, PIN or password, or a combination thereof. Upon local
verification, the selected information is retrieved from
memory and written to the Universal Card which is then
available to commence a transaction. In the absence of an
unexpired digital certificate, however, the selected information
will not be written to the Universal Card notwithstanding
that the user may have passed local verification.

The present invention advantageously eliminates the
burden of having to carry a multitude of financial cards and/or
credit cards that a user may frequently utilize. The financial
information for each card may be stored in the PDA and
written to the Universal Card when needed. If the Universal
Card is lost or stolen, the user will only have to contact the
service provider to cancel and reissue a new account. In
addition, due to the biometric and digital certificate security
which protects against the unauthorized access to the user's
financial and personal information, a lost or stolen Universal
Card is [illegible] to an unauthorized user.

Further, the present invention may be immediately
employed without the need for changes in the existing
infrastructure since the PDA and Universal Card may be
[illegible] which magnetic cards or
smartcards for electronic data transfer such as point of sale
(POS) terminals or automated teller machines (ATM) which
provide direct debit capability.

These and other objects, features and advantages of the
present invention will become apparent from the following
[illegible]
be read in connection with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating elements of a
portable information and transaction processing device
according to an embodiment of the present invention;

FIGS. 2a and 2b are diagrams of the Universal Card
according to an embodiment of the present invention;

FIG. 3 is a block diagram showing the interaction of the
portable information and transaction processing device in
connection with processing a transaction according to the
present invention;

FIG. 4 is a flow diagram illustrating the client/server
mode of operation in accordance with the present invention;

FIG. 5 is a flow diagram illustrating the local mode of
operation in accordance with the present invention; and

FIG. 6 is a flow diagram illustrating another local mode
of operation in accordance with the present invention.

DETAILED DESCRIPTION OF PREFERRED
EMBODIMENTS

It is to be understood that same or similar components
illustrated throughout the figures are designated with the
same reference numeral. It is to be further understood that
the elements or functional modules described herein in
accordance with the present invention may be implemented
in various forms of hardware, software, or a combination
thereof. Preferably, the main biometric verification elements
and speech recognition elements are implemented in
software and may include any suitable and preferred processor
architecture for practicing the invention by programming
one or more general purpose processors. It is to be further
understood that, because some of the components of the
invention described wherein are preferably implemented as
software modules, the actual connections shown in the
figures may differ depending upon the manner in which the
invention is programmed. Of course, special purpose
processors may be employed to implement the invention. Given
the teachings of the invention herein, one of ordinary skill in
the related art will be able to contemplate these and similar
implementations of the elements of the invention.

Referring initially to FIG. 1, a block diagram illustrating
elements of the portable information and transaction
processing (PDA) device 10 according to an embodiment of the
present invention is shown. The heart of the device is a
central processing unit (CPU) 12, which controls the opera- 
tions of the PDA device 10 via programs stored in a memory 
14 and executed by the CPU 12. Specifically, the CPU 12 
includes an acoustic processor module 16 for processing 
voice commands inputted into the PDA device 10 through a 
microphone 18. The acoustic processor module 16 is also 
used for performing local speaker verification. The CPU 12 
also includes a digital certificate processor module 20, for 
processing a digital certificate obtained in the client/server 
mode of operation (to be discussed in detail below), and a 
biometric processor module 22 for processing biometric data 
in addition to, or alternative to voice data, to provide user 
verification. The CPU 12 further includes an encrypter/ 
decrypter module 24 for encrypting the personal and finan- 
cial information before being stored in memory 14 and for 
decrypting such information when accessed by the user. 
Although the illustrative embodiment herein shows the CPU 
12 comprising the digital certificate module 20, the 
encrypter/decrypter module 24, the acoustic processor mod- 
ule 16 and the biometric processor module 22, it is to be 
understood that such modules may also be implemented as 
special purpose modules each having a processor, associated 
memory and stored programs for performing such functions. 

The PDA device 10 includes a smartcard reader/writer 26 
(as is known in the art) for reading and writing information 
to and from various cards, e.g., magnetic cards, IC cards 
and/or EAROM cards (using known standards and 
techniques). During the local mode of operation of the PDA 
device 10, a Universal Card 26 of the present invention is 
inserted into the smartcard reader/writer 30 and, upon user 
verification, selected financial or personal information is 
written to the Universal Card 26. When not in use, the 
Universal Card 26 may be stored in a smartcard storage 
compartment 32 of the PDA device 10. 

The PDA device 10 includes a user interface/display 34, 
which is preferably a liquid crystal display (LCD) touch 
screen display (or equivalent user interface), for displaying 
and/or inputting data associated with the operations or 
functions of the PDA device 10. Alternatively, the interface/display
24 may be comprised of a keyboard and a conventional
LCD display. Additionally, the PDA device 10 may
audibly communicate with or request information from the
user through a speaker 26 which is operatively connected to
the CPU 12 via a text-to-speech converter 38. The text-to-speech
converter 38 converts signals from the CPU 12 into
synthesized speech which is then heard through the speaker 
36. The PDA device 10 may be configured to simultaneously 
display such information along with generating the synthe- 
sized speech. Furthermore, the PDA device 10 may operate 
without a display (or a limited display) and rely on the 
text-to-speech functions to communicate information to the 
user of such device. 

A biometric sensor 40 of any conventional type may also 
be provided for collecting biometric data (other than voice 
data which is received by the microphone 18) such as a 
finger, thumb or palm print, a handwriting sample, a retinal 
vascular pattern, or a combination thereof, to provide bio- 
metric verification as an alternative to, or in addition to, 
voice biometric verification. This data is then processed by 
the biometric processor module 22 to provide user verifica- 
tion (i.e., biometric security) prior to accessing the financial 
and personal information stored in memory 14. It is to be 
appreciated by one of ordinary skill in the art that the 
biometric verification features of the PDA device may be 
replaced or supplemented with a PIN (personal identification 
number) or password to provide user verification. 



The PDA device 10 may preferably be equipped with 
various communication ports such as a serial port 42 and a 
parallel port 44 (utilizing known computer interface 
standards), operatively coupled to the CPU 12, as well as a 
telephone line interface 46 (using known interface
connections), to provide means for establishing a communication
link between the PDA device 10 and other peripheral
devices such as computers, modems and printers. For
establishing wireless communication, the device may pref- 
erably be equipped with an RF processor module 48, opera- 
tively connected between the CPU 12 and an RF port 50, for 
processing incoming RF information received by the RF 
port 50, and for generating transmission signals which are 
outputted from the RF port 50 using conventional construc- 
tions and techniques. The device may also be equipped with 
an IR processor module 52, operatively connected between 
the CPU 12 and an IR port 54, for processing incoming 
optical information and for generating output optical signals 
using conventional constructions and known techniques. 
Preferably, the PDA device 10 includes a DTMF (dual tone 
multi-frequency) processor module 56 and a modem 58, 
operatively coupled between the CPU 12 and the telephone 
line interface 46. Communication of financial information 
may be accomplished via modem communication and/or 
DTMF tone communication on a telephone line, using 
known methods. DTMF communication may be used for 
processing PINs for user verification and authorization. 

Referring now to FIGS. 2a and 2b, diagrams of the 
Universal Card 26 according to an embodiment of the 
present invention are shown. The Universal Card 26 is 
essentially a generic smartcard which includes either a 
magnetic band 28 (FIG. 2a) or integrated chip (IC) 29 (FIG. 
2b), or both, for storing the selected information which is 
retrieved from the memory 14 and written to the Universal 
Card 26 through the smartcard reader/writer 30 during the 
local mode of operation of the PDA device 10. The Univer- 
sal Card 26 (issued by a service provider) contains a unique 
Universal Card number 27 imprinted thereon, which corre- 
sponds to the designated user account number provided by 
the service provider (which is analogous to the account
number provided on a credit card or ATM card). 

As more fully discussed below, the Universal Card num- 
ber 27 may be utilized to provide user verification in 
consumer POS transactions utilizing a traditional mechani- 
cal sweeper instead of a magnetic sweeper which is capable 
of magnetically reading the magnetic band 28 of the Uni- 
versal Card 26. The unique Universal Card number 27 may 
also be used to provide user verification in instances
where consumer transactions are performed remotely over a 
telephone. In such instance, as explained below, an autho- 
rization number, which is unique to the current digital 
certificate, will be displayed on the PDA device 10 upon user 
verification. The authorization number, together with the 
unique Universal Card number 27, may be used to verify the 
user.

Referring to FIG. 3, a block diagram illustrating the 
interaction of the PDA device 10 in connection with pro- 
cessing a transaction according to the present invention is 
shown. The user of the PDA device 10 and Universal Card 
26 (FIGS. 1 and 2) must first perform an enrollment proce- 
dure with a service provider. Enrollment involves obtaining 
a Universal Card 26 with a designated account number (i.e., 
the unique imprint 27 on the Universal Card 26) and 
providing the service provider with the user's credit card or 
ATM card information so that such information can be 
verified with the financial institutions 70 that issued such 
cards. This information is then stored on a central server 60 
of the service provider. The user may then subsequently
download such information into the PDA device 10 by
establishing a communication link (LI) with the central
server 60. Alternatively, the credit cards or ATM cards may
be loaded into the PDA device 10 by directly reading
information contained on such cards through the smartcard
reader/writer 30 of the PDA device 10. In such a situation,
the PDA device 10 will compare the user ID of the credit
cards with the user ID of the PDA device to verify the user
so as to prevent a user from downloading the information
from cards owned by another person into the user's PDA
device 10. In the event that the PDA device is unable to
verify the owner of a card which is being directly
downloaded via the smartcard reader/writer 30 (i.e., the card does
not contain the name of its owner), the user will be required
to enroll the card by providing the service provider with the 
card information (to obtain verification from the appropriate 
financial institution) and then connect to the central server 
60 to download the card information. 

Enrollment also involves providing the service provider
with personal information such as the user's social security
number, address, maiden name and date of birth, which is
stored on the central server 60. Such information is then
used to verify the user during the client/server mode prior to
the issuance of a digital certificate. A personal identification
number PIN and the Universal Card 26 with a unique
account number 27 is provided by the service provider. This
information, as well as biometric data such as voice prints
(models) of the user, are also stored in central server 60 of
the service provider for user verification during the
client/server mode to obtain a digital certificate (to be discussed in
detail below). The central server 60 is a computer which is
programmed to perform the functions described herein such
as biometric verification, speech recognition and generating
and downloading a temporary digital certificate.

Referring to FIGS. 1, 3 and 4, the client/server operating
mode of the present invention is now described. As indicated
above, the user must periodically connect the PDA device 10
with the central server 60 of the service provider (Link LI,
FIG. 3) in order to obtain a valid digital certificate from the
central server 60 prior to initiating a consumer transaction.
Specifically, the digital certificate is a binary encrypted file
that must be downloaded into the PDA device 10 before
personal or financial information of the user can be written
to the Universal Card 26. The digital certificate contains
information relating to (but not limited to) the account
number of the PDA device 10, the date on which the digital
certificate was authenticated and its expiration date, as well
as any constraints which exist for each enrolled card. The
digital certificate is stored in the memory 14 of the PDA
device 10. Prior to the execution of a transaction (i.e.,
downloading selected card information from the memory 14
to the Universal Card 26), the digital certificate is decrypted
by the encrypter/decrypter module 24 and loaded into the
digital certificate processor module 20 wherein it is
processed to determine if it is valid.
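
The local-mode gate described above (user verification first, then the certificate's validity, before any card data is written), sketched as an added example that is not code from the patent. The patent does not specify the certificate encoding or cipher, so this sketch assumes a JSON payload authenticated with HMAC-SHA256 in place of the "binary encrypted file"; all function names, field names and the `max_amount` constraint are hypothetical.

```python
import hashlib
import hmac
import json
from datetime import datetime, timedelta, timezone

TAG_LEN = 32  # length of the SHA-256 HMAC tag appended to the payload


def issue_certificate(key, pda_account, issued, lifetime, card_constraints):
    """Server side (client/server mode): build a temporary certificate.

    Assumption: a shared HMAC key stands in for the unspecified encryption.
    A shared key extracted from one device could mint certificates, so a
    deployed design would verify a server signature with a public key.
    """
    payload = json.dumps({
        "pda_account": pda_account,
        "issued": issued.isoformat(),
        "expires": (issued + lifetime).isoformat(),
        "cards": card_constraints,
    }, sort_keys=True).encode()
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def parse_certificate(key, blob):
    """Return the certificate fields, or None if authentication fails."""
    if len(blob) <= TAG_LEN:
        return None
    payload, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    return json.loads(payload)


def authorize_card_write(key, blob, pda_account, card_id, amount,
                         biometric_ok, now):
    """Local-mode decision: returns (allowed, reason)."""
    if not biometric_ok:
        return False, "user not verified"
    if blob is None:
        return False, "no certificate"
    cert = parse_certificate(key, blob)
    if cert is None:
        return False, "certificate failed authentication"
    if cert["pda_account"] != pda_account:
        return False, "certificate issued to another device"
    issued = datetime.fromisoformat(cert["issued"])
    expires = datetime.fromisoformat(cert["expires"])
    if now < issued:
        # A device clock set back before the issue date is not trusted.
        return False, "clock earlier than issue date"
    if now >= expires:
        return False, "certificate expired"
    limits = cert["cards"].get(card_id)
    if limits is None:
        return False, "card not covered by certificate"
    if amount > limits["max_amount"]:
        return False, "amount exceeds card constraint"
    return True, "write card data to Universal Card"


def demo():
    """Run the gate over constructed sample data (not from the patent)."""
    key = b"constructed-demo-key"
    t0 = datetime(2000, 1, 18, 12, 0, tzinfo=timezone.utc)
    blob = issue_certificate(key, "UC-0001", t0, timedelta(days=7),
                             {"visa-1": {"max_amount": 500}})
    # Tampering: push the expiry date forward without re-authenticating.
    tampered = blob.replace(b"2000-01-25", b"2099-01-25")
    day1, day8 = t0 + timedelta(days=1), t0 + timedelta(days=8)

    def gate(b, account, amount, bio, now):
        return authorize_card_write(key, b, account, "visa-1", amount, bio, now)

    return {
        "valid": gate(blob, "UC-0001", 100, True, day1),
        "expired": gate(blob, "UC-0001", 100, True, day8),
        "tampered": gate(tampered, "UC-0001", 100, True, day8),
        "no_biometric": gate(blob, "UC-0001", 100, False, day1),
        "over_limit": gate(blob, "UC-0001", 900, True, day1),
        "other_device": gate(blob, "UC-0002", 100, True, day1),
    }


if __name__ == "__main__":
    for case, (allowed, reason) in demo().items():
        print(f"{case:13s} allowed={allowed!s:5s} {reason}")
```

The "expired" case is the one the abstract singles out: the user passes local verification, yet nothing is written because the certificate has lapsed.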

In order to obtain the digital certificate, the user must
establish a communication link (Link LI, FIG. 3) with the
central server 60 of the service provider (step 100, FIG. 4).
Communication may be established by dialing into the
central server 60 through a telephone line via the modem 58
and telephone line interface 46. It is also contemplated by
the present invention that communication may be established
with the central server 60 through a digital communication
channel such as internet, intranet or local area
network. Alternatively, communication between the PDA
device 10 and the central server 60 may be established
through wireless communications, e.g., via the RF port 50
and the RF processor module 48. Further, the PDA device 10
may be connected to the central server via a special ATM (or
other such kiosks) which uses intranet and TCP/IP to connect
to the central server 60. It is to be understood that the
PDA device 10 may be operatively linked to the kiosk either
directly (e.g., via serial or parallel ports 42 and 44) or
through wireless communication via the RF port 50 or the IR 
port 53. As demonstrated above, it is to be appreciated by 
one of ordinary skill in the art that the central server 60 of 
the present invention is accessible through any conventional 
communication channel. 

Once communication has been established, the user is 
prompted (either by text on the user interface/display 34 or 
verbally through the text-to-speech converter 38 and speaker 
36) to enter certain verification data (step 102). Such data is 
then transmitted to the central server 60 via the communication
link L1. Specifically, the central server 60 may ask the
user a series of questions (which are randomly chosen from 
the totality of questions asked and answered during the 
enrollment process). Such questions are received by the 
CPU 12 of the PDA device 10 and either displayed on the 
user interface display 34 or sent to the text-to-speech con- 
verter 38, where they are converted to synthesized speech 
and audibly transmitted to the user through the speaker 36. 
The central server 60 may also prompt the user to enter the 
PIN that was issued to the user during the enrollment 
process. 

If such requested verification data is not provided within
a predetermined time (step 104), the central server 60 will
automatically disconnect the communication link L1, and a
digital certificate will not be downloaded (step 106). On the
other hand, if the user enters the requested verification data
in a timely manner (step 104), the central server 60 will
process such data (step 108). The user may provide the
requested verification data by providing answers to the
questions by speaking into the microphone 18. The audio
signals are then received by the CPU 12 and then directed to
the acoustic processor module 16, wherein the user's
answers are processed and transmitted to the central server
60 via the communication link L1. In addition, the user may
enter his or her assigned PIN through the user interface
display 34. This PIN is then processed by the DTMF
processor module 56 to generate corresponding tone signals
which are received and processed by the central server 60.
Preferably, the PIN can be provided by stating, e.g., "My pin
number is 3456" into the microphone 18, wherein the audio
signals are processed by the acoustic processing module 16,
and then transmitted to the central server 60 via the
established communication link L1.

While the user is entering the requested verification data, 
the central server 60 begins processing the verification data 
(step 108). Specifically, the central server 60 will perform 
speaker verification to compare the user voice models that 
were processed and compiled by the CPU 12 of the PDA 
device 10 with the user's voice prints that were stored in the 
central server 60 during the enrollment process. Further, the 
central server 60 compares the answers given by the user 
with the answers provided during the enrollment process to 
determine if they match. The central server 60 may also 
verify whether the PIN entered by the user corresponds to 
the PIN that was issued during the enrollment process. If, 
after processing the verification data, the central server 60 
determines that the user is not an authorized user (step 110), 
the communication link L1 will be disconnected and no
digital certificate will be downloaded (step 106). 

It is to be appreciated that any conventional speech/speaker
recognition system may be employed by the present
invention. The present invention is not, in any way, limited
to use with or dependent on any details or methodologies of
any particular speech/speaker recognition system which
may be employed. Preferably, the speaker recognition system
utilized by the central server 60 and the PDA device 10
in accordance with the present invention is the system which
performs text-independent speaker verification and asks
random questions, i.e., a combination of speech recognition,
text independent speaker recognition and natural language
understanding using acoustic and non-acoustic models to
provide security from unauthorized access to a service/facility
(i.e., the central server 60) such as disclosed in U.S.
Ser. No. 08/871,784, filed on Jun. 11, 1997, and entitled:
"Apparatus And Methods For Speaker Verification/
Identification/Classification Employing Non-Acoustic And/
Or Acoustic Models and Databases" which is commonly
assigned to the assignee of the present invention and the
disclosure of which is incorporated herein by reference.
More particularly, the text-independent speaker verification
system is preferably based on a frame-by-frame feature
classification as disclosed in detail in U.S. Ser. No. 08/788,471
filed on Jan. 28, 1997 and entitled: "Text Independent
Speaker Recognition for Transparent Command Ambiguity
Resolution And Continuous Access Control," which is commonly
assigned to the present assignee and the disclosure of
which is also incorporated herein by reference.

As explained in the above-incorporated reference U.S.
Ser. No. 08/871,784, text-independent speaker recognition is
preferred over text-dependent or text-prompted speaker
recognition because text independence allows the speaker
recognition function to be carried out in parallel with other
speech recognition-based functions in a manner transparent
to the caller. It is to be understood, however, the present
invention can employ text-dependent or text-prompted
speaker verification.

It is to be further appreciated that the automatic speech/speaker
recognition system disclosed in U.S. Ser. No.
08/873,079, filed on Jun. 11, 1997, entitled "Portable Acoustic
Interface For Remote Access to Automatic Speech/
Speaker Recognition Server," which is commonly assigned
to the present assignee and the disclosure of which is
incorporated herein, may preferably be employed in the
present invention to provide for accurate speech recognition
communication in remote transactions between the PDA
device 10 and the central server 60.

Particularly, as explained in above U.S. Ser. No. 08/873,079,
there are certain problems associated with remote
communications between server/client systems utilizing
automatic speech/speaker recognition. Such problems
include the loss of accuracy of data due to degradation of
voice data which is transmitted over a communication
channel and the varied background noises at the user end
which reduces the accuracy in speech recognition. Such
problems are remedied by preprocessing the speech signals
that are transmitted over the communication channel to the
server. Such pre-processing includes characterizing the
acoustic features of the transmitting device, the
environment, the speaker and the communication channel,
whereby such information is then processed by the central
server to set references, select appropriate decode models
and algorithms to recognize the speaker or decode the
speech by modeling the channel transfer function and the
background noise to reduce the word error rate of the speech
or to accurately perform speaker recognition.

Referring back to FIG. 4, if, on the other hand, the user is
verified (step 110), the central server 60 will then prompt the
user to provide certain transaction limitations such as the
specific financial card information to be used, the limit on
the amount of spending allowed over the lifetime of
the temporary digital certificate and/or the period of time in
which the temporary digital certificate will remain valid
(step 112). This information is received and processed by the
central server 60 and a digital certificate is then created and
encoded with the user requested limitations (step 114). This
digital certificate is then encrypted by the central server 60
and downloaded into the digital certificate processing module
20 of the CPU 12 via the established communication link
L1 (step 116). It is to be understood that the present
invention may employ any known encryption technique or
algorithm for the encryption/decryption process, such as
those disclosed in "Applied Cryptography," by Bruce
Schneier, second edition, Wiley, 1996. The [...]
a valid digital certificate, the user can then perform the local
[...] of the PDA device 10.
It is to be appreciated that, as demonstrated above, the
present invention may utilize PIN or password protection in
lieu of, or in addition to, biometric verification to obtain the
necessary digital certificate from central server 60.
Moreover, the methods disclosed in the above-referenced
U.S. Ser. No. 08/873,079 may be utilized in the present
invention to remotely authenticate, reset or revoke the user's
password, logons, PIN and/or encryption/decryption keys,
whereby the user may establish communication with the
central server 60 (via the PDA device 10) to request, e.g., a
PIN change.

Referring now to FIGS. 1, 3 and 5, the local operating
mode of the present invention is now described. The local
mode of operation is commenced by the user selecting a
pre-enrolled credit card that is stored in memory 14 (step
200). The selection process is preferably performed by voice
activated commands (e.g., by stating into the microphone 18
"I want to use my American Express Card"). Such voice
commands are then received by the CPU 12 and processed
in the acoustic processor module 16. It is to be appreciated
that any known command and control engine for speech
recognition may be employed in the present invention such
as the commercially available large vocabulary IBM
VIAVOICE GOLD system to perform the speech recognition
functions in accordance with the present invention.
Alternatively, the desired card may be selected through
the user interface/display 34. The CPU 12 then searches the
memory 14 for the desired information (step 202). If the card
was not previously stored in the PDA device 10 during the
enrollment process, the user will be prompted to select
another card (step 204).

If the requested card information is found in memory,
biometric verification must be performed before the card
information can be written to the Universal Card 26.
Alternatively, as stated above, PIN or password verification
may be performed in lieu of, or in addition to, biometric
verification. In the preferred embodiment of the present
invention using voice activated commands to select the
desired card, the microphone 18 functions as a biometric
sensor for receiving biometric voice data. This biometric
voice data is then sent to the acoustic processor module 16
wherein such data is processed (step 206) by comparing the
current biometric voice data with the user's voice models
stored in memory 14. Although such verification may be
performed by any conventional method, the speaker
verification methods disclosed in the above-referenced
applications, U.S. Ser. Nos. 08/871,784 and 08/788,471 are
preferably employed in the present invention.

In another embodiment of the present invention, a biometric
sensor 40 of any known type may be used in lieu of,
or in conjunction with the microphone, to collect biometric
data to be processed by the biometric processor module 22
using known techniques, e.g., finger, thumb or palm print
data, handwriting data, a retinal vascular pattern data or a
combination thereof. Again, in a further embodiment of the
present invention, PIN or password verification may be
utilized in lieu of, or in addition to such biometric
verification techniques.

After the biometric data is processed by the acoustic 
processing module 16 (when voice verification is utilized) or 
the biometric processor module 22 (when other biometric 
verification methods are used), or both, a determination is 
made as to whether the user is an authorized user (step 208). 
If the user is not verified, the selected card information will 
not be written to the Universal Card 26 (step 210). If the user 
is verified, the digital certificate (previously obtained in the 
client/server mode) is retrieved from memory 14 and loaded 
into the digital certificate processor module 20. The digital 
certificate processor module 20 processes the digital certifi- 
cate to determine whether the digital certificate is still valid 
(i.e., unexpired) and whether the use of the selected card has 
been prohibited or limited by the user requested limitations 
of such card during the client/server mode (step 212). If the 
digital certificate is not valid (i.e., expired), the selected card 
information will not be written to the Universal Card 26 
(step 210). 

If the digital certificate is valid (i.e., unexpired) the 
requested card information is then retrieved from memory 
14 and stored in the encrypter/decrypter module 24. The 
selected card information is then decrypted by the 
encryption/decryption module 24 using an encryption key 
unique to the PDA device 10 (step 214). The decrypted card 
information is then sent to the smartcard reader/writer 30 
where it is then written to the Universal Card 26 (step 216). 
The Universal Card 26 is then removed from the smartcard 
reader/writer 30 and swept through the magnetic reading 
device of the transaction terminal 80 (FIG. 3) (step 218). The 
consumer transaction information is then sent to the proper 
financial institution 70 via communication link L4 (step 
220). 

In a more advanced transaction terminal 80, the Universal 
Card 26 may be overwritten with a receipt of the transaction 
by the POS or ATM transaction terminal 80 (step 222). With 
this feature, the user can keep an accounting of his or her 
transactions by inserting the Universal Card 26 into the 
smartcard reader/writer 30 and then loading the receipt 
information into the memory 14 of the PDA device 10 (step 
224). The user can subsequently transfer such information to 
a personal computer containing accounting software such as 
the software sold under the tradename QUICKEN. 

Advantageously, the present invention is immediately 
employable with the current infrastructure since the Univer- 
sal Card 26 is compatible with all credit card and/or smart- 
card electronic fund transfer systems (e.g., systems that 
process ATM cards, debit cards, credit cards, access control 
cards, calling cards and/or service cards). 

It is to be appreciated that the present invention may be 
used to store and access personal information such as 
medical, financial information and other confidential infor- 
mation which may be accessed and written to the Universal 
Card 26 or displayed on the user interface/display 34 
(assuming a valid digital certificate and local user 
verification). For example, medical doctors with special
smartcards can access certain medical information from the
PDA device of a patient (upon patient verification) by
writing such information to the smartcard via the smartcard
reader/writer of the PDA device 10. Alternatively, such
information may be transferred by wireless communication 
between the PDA device of the patient and the PDA device 
of the doctor. 

It is to be further appreciated that the invention may
interact with electronic fund transfer systems or transaction
terminals having wireless or direct communication capabilities
without even having to use the Universal Card 26.
Specifically, as demonstrated by the dotted lines in FIG. 5,
the consumer transaction may be performed by transmitting
the selected card information directly from the PDA device
to the ATM or POS transaction terminal through an established
communication link L2 (step 228, FIG. 3) (i.e., via the
serial port 42, the parallel port 44 modem 42, the IR port 54
or the RF port 50), rather than retrieving and writing card
information to the Universal Card 26. Further, a receipt of
the transaction can be directly transmitted to the PDA device
10 through the communication link L2 (step 230). It is to be
understood that in this embodiment, the CPU 12 of the PDA
device 10 will prohibit the selected card information from
being retrieved and transmitted to the transaction terminal
80 if the user is not biometrically verified and/or if the digital
certificate is not valid (step 226). In this particular embodiment
of the present invention, the PDA device 10 itself
actually takes the place of the Universal Card 26 and,
consequently, eliminates the need of having to first write the
selected card information to the Universal Card 26 and then
sweep the Universal Card 26 through the magnetic reader of
the POS or ATM transaction terminal.

Advantageously, the present invention provides biometric
security for transactions that do not involve electronic data
transfer such as transactions that are processed with traditional
mechanical credit card sweepers or transactions that
are performed remotely over the telephone. In such
situations, a merchant can confirm that the user passed local
verification by using the unique Universal Card number 27
(FIG. 2) together with an authorization number which is
based on the current valid digital certificate and generated
upon user verification.

By way of example, referring to FIG. 6, a flow diagram
illustrating the local mode of the PDA device 10 during a
remote (or mechanical sweeper) consumer transaction is
shown. When operating the PDA device 10 in the local
mode, if the user is biometrically verified (step 308) and the
PDA device 10 contains an unexpired digital certificate (step
310), the selected card information is retrieved from
memory 14 and decrypted (step 314). The desired credit card
information, as well as an authorization number, is then
displayed on the user interface/display 34 (step 316). This
information can then be verbally communicated to the
merchant in order to process the transaction. If the user is not
biometrically verified, or if the PDA device 10 contains an
expired digital certificate, the selected card information and
authorization number will not be displayed (step 312).

The merchant can verify that local verification of the user
has been properly obtained by establishing a communication
link L3 (FIG. 3) with the central server 60. If the selected
card information corresponds to a credit card that was
previously enrolled (i.e., registered) with the service provider
of the PDA device 10 and Universal Card 26, upon
transmitting the selected card information to the financial
institution (or calling such institution to confirm the validity
of the credit card), the merchant will be requested to provide
the authorization number (which is generated upon user
verification), in addition to the expiration date of the credit
card. The merchant will then transmit the Universal Card
number 27 and the displayed authorization number to the
central server 60. Since the authorization number is a
function of the unexpired digital certificate that was obtained
from the central server 60 in the client/server mode, the
central server 60 can inform the merchant that the user was
properly verified (step 318).

It is to be appreciated that local verification may also be
performed by signature verification, whereby a digitized
image of the user's valid signature is displayed on the user
interface/display 34 using known techniques so that a merchant
can compare the digitized signature on the screen to
the user's written signature to provide further authentication.
Further, the present invention may utilize any conventional
pressure sensitive display wherein the user of the PDA
device 10 may sign his or her signature on the display, which
is then processed and compared with an authentic digitized
signature stored in the memory 14 of the PDA device 10. An
example of such technique is disclosed, for example, in
"Automatic On-line Signature Verification," by Vic Nalwa,
Proc. IEEE, pp. 215-239, February, 1997.

It is to be further appreciated that the PDA device 10 and
system of the present invention can be configured to afford
an additional level of security for user verification, whereby
the financial institution (e.g., credit card company) can
verify the identity of the consumer during a purchase
transaction. Specifically, during a consumer transaction,
upon local verification (biometric, PIN and/or password)
and assuming, of course, that a valid digital certificate was
previously downloaded from the central server 60, the PDA
device 10 can be programmed to download the selected card
information in encrypted form to the Universal Card 26, as
well as an encrypted file containing unique identifying
information pertaining to the consumer including, but not
limited to, the consumer's name and account number
(issued by the service provider of the PDA device 10 and
Universal Card 26). The selected card information, as well
as the encrypted information file, would be transmitted to the
POS terminal (via the Universal Card, RF or IR) and then
transmitted in encrypted form directly to the processing
financial institution together with the purchase details.

Similarly, for purchase transactions with remote services
(e.g. via the internet with a merchant's Web site), the
selected card information in encrypted form, as well as the
encrypted user information, would be transmitted via
modem (TCP/IP) to the remote service (i.e., Web site) and
then transmitted in encrypted form to the financial institution.
It is to be appreciated that the encrypted information
may be transmitted to the merchant's Web site either directly
from the modem 58 of the PDA device 10, or by downloading
such information to the Universal Card 26, which is then
read and transmitted by a PC equipped with a smartcard
reader and a modem.

Next, assuming the credit card was previously enrolled
with the service provider, the processing financial institution
would possess the requisite key (provided by the service
provider upon enrollment) to decode (i.e., decrypt) the
transmitted information to verify the identity of the user.
Consequently, the processing financial institution would
provide an authorization number for the transaction to the
merchant if the consumer was verified or, on the other hand,
deny the transaction and inform the merchant if the consumer
is not authorized to use the selected card.
Alternatively, the PDA device 10 can be programmed to
download a copy of the valid temporary digital certificate in
encrypted form (as well as the selected card information in
encrypted form) to the Universal Card 26, whereby the
digital certificate containing the requisite information to
identify the user would be transmitted (with the selected
card information) to the corresponding financial institution.

The present invention has heretofore been illustrated as a
separate portable device. It is to be understood by one of 
ordinary skill in the art that the configuration of the present 
invention may be embedded in other CPU based systems 
such as a cellular phone, a portable laptop, a network 
computer (NC), or a PC having built in the components of 
the above described PDA device 10. For example, a portable 
laptop having the smartcard reader/writer 30 of the PDA 
device 10 may be directly connected to the central server 60 
through a modem or through an internet server by protocols 
such as TCP/IP to download a valid digital certificate. 

Moreover, the functions and components of the PDA 
device 10 may be built into a cellular phone, whereby 
communication with the central server 60 may be achieved 
through a cellular communication channel, which may be 
analog or digital (e.g., CDMA, GSM, etc.). 

It is to be appreciated by one of ordinary skill in the art
that a special ATM, kiosk or POS terminal can be employed
to perform the methods and functions of the present invention
in lieu of the actual PDA device, thereby eliminating the
need to physically possess the PDA device 10. For instance,
a smartcard having a valid digital certificate and the user's
verification data (e.g., biometric data (voice print), PIN
and/or password) and card information stored thereon may
be inserted into the ATM, kiosk or POS terminal, which are
equipped with biometric sensors such as a microphone.
The ATM can then verify the user biometrically or via PIN
or password. Assuming the digital certificate is valid, the
ATM can then initialize the smartcard which may then be
used to perform, for example, a purchase transaction. The
smartcard may then be used for the duration of the validity
of the digital certificate (i.e., until the digital certificate
expires) or until another card is loaded. In this embodiment,
the smartcard can be used for only a limited amount of
transactions. The digital certificate may be downloaded to
the smartcard by any method analogous to the PIN maintenance
techniques disclosed in the above incorporated U.S.
Ser. No. 08/873,079, "Portable Acoustic Interface For
Remote Access to Automatic Speech/Speaker Recognition
Server." For example, the user may establish a communication
link with the central server 60 of the service provider
through a personal computer having a smartcard reader,
whereby a valid digital certificate may be downloaded onto the
smartcard after the user provides verification information
such as user ID, PIN, smartcard serial number, and/or
biometric data.

It is to be further appreciated that the PDA device 10 of 
the present invention may be used as a personal credit card 
center whereby funds may be directly transferred between 
individuals having such PDA devices via credit cards or 
debit cards. For example, assume that User A owes User B 
a certain amount of money. User A will perform local 
verification (assuming that user A has a valid digital 
certificate) to download selected credit card or debit card 
information to User A's Universal Card. User A will then 
provide User B with the Universal Card which is then 
inserted into the smartcard reader/writer 30 of the PDA 
device 10 of User B. User B then selects the amount of 
money to be transferred (i.e., debited) from the Universal 
Card (i.e., selected credit card) to any one of User B's 
enrolled financial accounts (e.g., credit card accounts). User 
B then obtains the authorization number produced by the 
PDA device of User A upon local verification, and enters 
such number into the PDA device of User B. Of course, the 
above procedure may be performed directly (e.g., via IR 
communication) instead of physically exchanging the Uni- 
versal Card. 

To prevent fraudulent transactions, the authorization number
produced by the PDA device of User A must be inputted
into the PDA device of User B after the amount of the 
transaction is entered into the PDA device of User B and 
verified by User A. In other words, the PDA device of User 
B must be configured such that the authorization number 
from User A will not be accepted by the PDA device of User 
B unless the amount of the transaction is first entered into the 
PDA device of User B. Moreover, the PDA device of User 
B must be configured such that the authorization number of 
User A entered into the PDA device of User B is valid for 
only one transaction (i.e., one amount of money entered into 
the PDA device of User B), whereby the entire process must 
be subsequently repeated for each additional transaction 
between User A and User B. Alternatively, to prevent fraud, 
the PDA device of User A may be configured such that the 
authorization number produced by the PDA device of User 
A contains the amount of money to be transferred to the 
account of User B in an encrypted or, otherwise, hidden form 
so that User B cannot access and manipulate such amount. 

After entering User A's authorization number, User B will 
establish a communication link with the service provider to 
verify that the authorization number corresponds to User A's 
unique Universal Card number and then have the funds 
transferred to User B's selected account (assuming the 
account is registered with the service provider). 
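
The certificate gate of the local mode (steps 208 to 216), the merchant's check with the central server (step 318) and the one-transaction, fixed-amount rule for transfers between users can be modelled together. The following sketch is an added example, not code from the patent: the HMAC-SHA256 construction, the counter prefix, the treatment of each card limit as cumulative over the certificate lifetime, and all class and function names are assumptions, since the description leaves the algorithm open.

```python
import hashlib
import hmac
import json


def _mac(key: bytes, *parts) -> str:
    """HMAC-SHA256 over the parts, joined with an unambiguous separator."""
    msg = "\x1f".join(str(p) for p in parts).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def auth_number(cert: dict, amount_cents: int, counter: int) -> str:
    """Authorization number as a function of the certificate (assumed construction).

    The per-certificate tag keys the MAC, so the number is only checkable while
    that certificate exists; amount and counter bind it to one transaction.
    """
    tag = _mac(bytes.fromhex(cert["tag"]), cert["universal_card"], amount_cents, counter)
    return f"{counter}-{tag[:12]}"


class CentralServer:
    """Service provider side: issues temporary certificates, checks numbers."""

    def __init__(self, key: bytes):
        self._key = key
        self._certs = {}        # Universal Card number -> current certificate
        self._redeemed = set()  # (card number, authorization number) already used

    def issue_certificate(self, account, universal_card, now, lifetime_s, limits):
        # Fields follow the description: account, issue date, expiry, card constraints.
        body = {"account": account, "universal_card": universal_card,
                "issued": now, "expires": now + lifetime_s, "limits": limits}
        cert = dict(body, tag=_mac(self._key, json.dumps(body, sort_keys=True)))
        self._certs[universal_card] = cert
        return cert

    def verify(self, universal_card, number, amount_cents, now) -> bool:
        """Merchant or payee submits card number, authorization number and amount."""
        cert = self._certs.get(universal_card)
        if cert is None or now >= cert["expires"]:
            return False
        counter = number.partition("-")[0]
        if not counter.isdecimal() or (universal_card, number) in self._redeemed:
            return False  # malformed, or replay of an already redeemed number
        expected = auth_number(cert, amount_cents, int(counter))
        if not hmac.compare_digest(expected.encode(), number.encode()):
            return False  # wrong certificate, wrong card, or altered amount
        self._redeemed.add((universal_card, number))
        return True


class PDADevice:
    """Device side: releases an authorization number only past both gates."""

    def __init__(self, universal_card):
        self.universal_card = universal_card
        self.cert = None
        self._spent = {}
        self._counter = 0

    def load_certificate(self, cert):
        self.cert, self._spent = cert, {}

    def authorize(self, card, amount_cents, user_verified, now):
        if not user_verified:                      # local verification failed
            return None
        cert = self.cert
        if cert is None or now >= cert["expires"]:  # no unexpired certificate
            return None
        limit = cert["limits"].get(card)            # unlisted card is prohibited
        spent = self._spent.get(card, 0)
        if limit is None or amount_cents <= 0 or spent + amount_cents > limit:
            return None
        self._spent[card] = spent + amount_cents
        self._counter += 1
        return auth_number(cert, amount_cents, self._counter)


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    server = CentralServer(b"constructed-demo-key")
    pda = PDADevice("UC-0001")
    pda.load_certificate(server.issue_certificate("ACCT-1", "UC-0001", 1000, 3600, {"amex": 5000}))
    number = pda.authorize("amex", 2000, True, 1100)
    print(number, server.verify("UC-0001", number, 2000, 1200))
    print("replay accepted:", server.verify("UC-0001", number, 2000, 1201))
```

Because the amount is inside the MAC, a payee who submits a different amount with the same number fails verification, and the redeemed set makes each number good for one transaction only.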

One of ordinary skill in the art can envision various 
methods for implementing the present invention for com- 
municating the selected card information. For instance, in 
the near future, information may be communicated between 
individuals and systems via personal area network (PAN) 
which links special electronic devices having a transceiver 
and CPU carried on the individuals using human conduc- 
tivity. Such concept may be employed in the present inven- 
tion whereby the selected card information is transferred 
upon human contact (e.g., shaking hands) rather than being 
transferred through a magnetic or smartcard or wireless 
communication. Specifically, the present invention may be 
embedded into the CPU of a PAN device whereby selected 
card information may be transmitted to receiving devices 
such as ATMs and POS terminals which are equipped with
the requisite software and hardware to support PAN data 
exchange. 

Although the illustrative embodiments of the present 
invention have been described herein with reference to the 
accompanying drawings, it is to be understood that the 
invention is not limited to those precise embodiments, and 
that various other changes and modifications may be 
affected therein by one skilled in the art without departing 
from the scope or spirit of the invention. All such changes 
and modifications are intended to be included within the 
scope of the invention as defined by the appended claims. 

What is claimed is: 

1. A portable information and transaction processing 
device, comprising: 

a central processing unit; 

a memory device, operatively coupled to said central 
processing unit, for storing transaction information 
comprising one of financial information, personal 
information, and a combination thereof; 

communication means for establishing a communication 
link with a central server of a service provider, disposed 
at a remote location, to download a temporary digital 
certificate issued by said service provider; 

a user interface, operatively coupled to said central pro- 
cessing unit, for selecting at least a portion of said 
transaction information; 
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a card reader; 

a universal card having a unique card number designated 
to a subscribing user of said service provider, wherein 
the universal card is inserted into said card reader to 
s receive said selected portion of said transaction infor- 
mation; and 

programming means, executable by said central process- 
ing unit, for determining if said temporary digital 
certificate is valid, for writing said selected portion of 
10 said transaction information to said universal card if 
said temporary digital certificate is deemed valid, and 
for preventing said selected portion of said transaction 
information from being written to said universal card 
when said temporary digital certificate is deemed 
invalid. 

2. The device according to claim 1, further comprising
verification means for verifying if a user of said device is an
authorized user and wherein said programming means
comprises means for preventing said selected portion of said
transaction information from being written to said universal
card if the user of said device is not verified.

3. The device according to claim 2, wherein said
verification means includes one of biometric verification means,
PIN (personal identification number) verification means, and
a combination thereof.

4. The device according to claim 3, wherein said biometric
verification means includes: biometric sensor means for
receiving biometric data from a user of said device; and
biometric processing means for processing said biometric
data to determine if said user of said device is an authorized
user.

5. The device according to claim 4, wherein said biometric
data is derived from one of a finger, thumb or palm print,
a voice print, a handwriting sample and a retinal vascular
pattern and a combination thereof.

6. The device according to claim 4, wherein said biometric
verification means performs speaker verification and said
biometric data is voice data.

7. The device according to claim 6, wherein said speaker
verification is text-independent speaker verification.

8. The device according to claim 1, further comprising
encrypting/decrypting means, operatively coupled to said
central processing unit, for encrypting said transaction
information prior to said transaction information being stored in
said memory device and for decrypting said selected portion
of said transaction information.

9. The device according to claim 1, further comprising
speech recognition means, operatively coupled to said
central processing unit, for processing voice commands from an
authorized user of said device.

10. The device of claim 1, wherein the temporary digital
certificate includes one of an expiration date, the unique card
number of the universal card, transaction limitation data, and
a combination thereof.

11. An information and transaction processing system,
comprising:

a central server associated with a service provider of a
subscribing user;

a transaction terminal; and

a portable communication device comprising:

a central processing unit;

a memory device, operatively coupled to said central
processing unit, for storing transaction information
comprising one of financial information, personal
information, and a combination thereof;

communication means for establishing a communication
link with said central server to download a
temporary digital certificate from said central server;

a user interface, operatively coupled to said central
processing unit, for selecting at least a portion of said
stored transaction information;

a card reader;

a universal card having a unique card number designated
to the subscribing user by said service
provider, which is inserted in said card reader to
receive said selected portion of said transaction
information; and

programming means, executable by said central
processing unit, for determining if said temporary digital
certificate is valid, for writing said selected portion
of the transaction information to said universal
card if said temporary digital certificate is deemed
valid, and for preventing said selected portion of the
transaction information from being written to said
universal card if said temporary digital certificate is
deemed invalid;

whereby said universal card is presented to said transaction
terminal for initiating a user-desired transaction if
said selected transaction information is written to said
universal card.

12. The system of claim 11, wherein said central server
comprises verification means for receiving and processing
verification data of a user of said portable device, which is
transmitted from said portable device, to verify if the user of
said portable device is a subscribing user, whereby said
digital certificate is transmitted to said portable device only
if said user is verified.

13. The system of claim 11, wherein said portable
communication device further comprises verification means for
verifying if a user of said portable communication device is
authorized to use said portable communication device, and
wherein said programming means comprises means for
preventing said selected transaction information from being
written to said universal card if the user of said portable
communication device is not verified.

14. A method for performing an electronic transaction, 
comprising the steps of: 

using a portable communication device to establish a 
communication link with a central server of a service 
provider; 

verifying, by the central server, the identity of a user of the 
portable communication device to determine if the user 
is a subscribing user of the service provider;

downloading a temporary digital certificate from the 
central server to the portable communication device, 
the temporary digital certificate being issued by the 
service provider if the user is verified as a subscribing 
user; 

selecting, by the user of said portable communication 
device, desired transaction information stored in the 
device to perform an electronic transaction; 

verifying, by the portable communication device, if the 
user is an authorized user of said device; 

determining, by the portable communication device, if the 
downloaded temporary digital certificate is valid; and 

providing the selected transaction information to an
electronic transaction terminal to perform an electronic
transaction, if the user is deemed an authorized user and
the temporary digital certificate is deemed valid.

15. The method of claim 14, wherein the step of providing
the selected transaction information to an electronic
transaction terminal comprises the steps of:

retrieving said selected transaction information stored in
said portable device;

decoding the selected transaction information using a key
from the temporary digital certificate;

establishing a transaction communication link with said
electronic transaction terminal; and

transmitting said decoded transaction information over
said transaction communication link to said electronic
transaction terminal.

16. The method of claim 14, wherein the step of providing
the selected transaction information to an electronic
transaction terminal comprises the steps of:

retrieving said selected transaction information stored in
said portable device;

decoding the selected transaction information using a key
from the temporary digital certificate;

writing the decoded transaction information to a universal
card in a card reader of the portable device; and

providing the universal card with the decoded transaction
information to the electronic transaction terminal.

17. The method of claim 14, further comprising the steps
of:

generating an authorization number associated with the 
temporary digital certificate; and 

verifying the transaction by the transaction terminal, 
wherein the step of verifying the transaction comprises 
the steps of establishing a communication link with the 
central server by the electronic transaction terminal, 
and transmitting the authorization number and an 
account number of said subscribing user to said central 
server. 

18. The method of claim 14, wherein the temporary digital 
certificate includes one of an expiration date, an account 
number of the subscribing user, transaction limitation data, 
and a combination thereof. 

19. The method of claim 18, wherein one of the expiration 
date, transaction limitation data, and a combination thereof, 
of the temporary digital certificate is selected by the user of 
said portable communication device, if the user is verified by 
the central server as a subscribing user. 

20. The method of claim 14, wherein the steps of
verifying by the central server and the portable communication
device are performed using one of biometric verification,
PIN (personal identification number) verification, and a
combination thereof. 
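
The certificate gate recited in claims 1, 10 and 14 to 16, sketched as an added Python example that is not part of the patent text. The SHA-256 keystream XOR is a stand-in for the unspecified decoding step, the device-side amount check against the transaction limitation data is an assumption, and every name and sample value is constructed.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class TempCertificate:
    card_number: str    # unique card number of the universal card (claim 10)
    expires: datetime   # expiration date (claims 10 and 18)
    limit_cents: int    # transaction limitation data (claims 10 and 18)
    key: bytes          # key used to decode stored information (claims 15, 16)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def certificate_problem(cert, card_number, amount_cents, now):
    """Return why the certificate is invalid, or None when it is valid."""
    if cert is None:
        return "no certificate downloaded"
    if now >= cert.expires:
        return "certificate expired"
    if cert.card_number != card_number:
        return "certificate issued for a different universal card"
    if amount_cents > cert.limit_cents:  # device-side limit check: assumption
        return "amount exceeds transaction limit"
    return None

def write_to_universal_card(cert, user_verified, stored_blob,
                            card_number, amount_cents, now):
    """Fail closed: decode and release the record only if every check passes."""
    if not user_verified:
        raise PermissionError("user not verified")
    problem = certificate_problem(cert, card_number, amount_cents, now)
    if problem:
        raise PermissionError(problem)
    return keystream_xor(cert.key, stored_blob)

# Constructed sample values, not taken from the patent.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
LATER = NOW + timedelta(hours=25)
CERT = TempCertificate("UC-0001", NOW + timedelta(hours=24), 50_000, b"constructed-key")
RECORD = b"constructed card record, longer than one 32-byte keystream block"
BLOB = keystream_xor(CERT.key, RECORD)
```

Because the decoding key travels inside the certificate, a device holding no certificate has nothing to decode the stored record with, independent of the expiry check.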